Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/16C452742C8711EFB7E8FE71C4F9AE02.roa
File: 16C452742C8711EFB7E8FE71C4F9AE02.roa (raw, json)
Hash identifier: SNblw0XK7Q7dSmO971Mjs0oTw8qIwNRIiQZaayudnqY=
Subject key identifier: EF:4F:D6:07:0A:53:26:4D:1C:2B:4C:21:CF:8E:4A:96:FC:F7:88:18
Certificate issuer: /CN=A916557B/serialNumber=2853BDA1638C599A84C3095310E69BFD260AA978
Certificate serial: 02EB
Authority key identifier: 28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/16C452742C8711EFB7E8FE71C4F9AE02.roa
Signing time: Fri 28 Jun 2024 11:08:12 +0000
ROA not before: Fri 28 Jun 2024 11:08:12 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 64021
IP address blocks: 43.255.117.0/24 maxlen: 24
103.49.61.0/24 maxlen: 24
103.235.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Aug 2024 14:17:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 747 (0x2eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916557B
Validity
Not Before: Jun 28 11:08:12 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=667e999c-aa2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9b:a0:6c:61:ad:77:4c:4e:f2:ae:86:18:0d:
6b:67:62:39:11:cc:c4:02:d3:b2:fc:38:12:c3:e6:
a7:f5:65:6a:7e:6e:bc:2a:30:ed:63:df:7f:4a:cd:
90:f3:71:6b:cc:3a:e8:9b:ad:e2:64:d5:70:8d:64:
1f:22:cd:f7:c4:5b:9c:e5:d3:56:c0:51:07:b9:95:
be:1f:5d:3e:08:0b:1c:34:db:d0:d7:04:2d:3b:e3:
c6:a6:70:34:9b:d4:ec:1e:04:d4:09:dc:73:15:0f:
52:d1:7a:a6:bb:f1:45:ec:bb:dd:0d:9a:d5:55:d5:
e7:1c:36:cb:1b:f4:cf:23:4d:40:0f:f3:e8:67:2c:
c2:f1:04:5f:cf:ac:a0:59:26:92:d6:63:3a:b5:fd:
db:e9:b0:d3:fe:74:a7:8c:e1:7c:a2:49:f5:93:c7:
60:20:9f:1a:e7:73:f6:63:e8:0a:68:1a:0e:f1:5f:
8e:13:c7:79:fd:1c:3a:93:d5:6a:ae:a6:d2:c0:b1:
87:57:c3:85:36:05:c4:40:c4:85:c6:78:e7:48:aa:
97:2f:f9:cf:20:ed:34:3b:b5:9f:f0:de:ae:88:a8:
d6:f7:0c:c8:bf:7c:95:b0:2c:75:bc:a4:b3:6d:27:
8e:75:47:d4:01:6e:e2:ca:d3:f2:ad:cc:4a:61:a8:
e3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4F:D6:07:0A:53:26:4D:1C:2B:4C:21:CF:8E:4A:96:FC:F7:88:18
X509v3 Authority Key Identifier:
keyid:28:53:BD:A1:63:8C:59:9A:84:C3:09:53:10:E6:9B:FD:26:0A:A9:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/KFO9oWOMWZqEwwlTEOab_SYKqXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KFO9oWOMWZqEwwlTEOab_SYKqXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916557B/8DA72640C1FA11ECB30EE21AC4F9AE02/16C452742C8711EFB7E8FE71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.117.0/24
103.49.61.0/24
103.235.19.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:11:12:74:3d:0a:50:5e:0f:ec:eb:a6:69:52:8f:01:33:1c:
be:68:03:b6:e7:d0:22:d2:22:ab:65:33:87:0f:84:aa:b9:ae:
de:1b:10:72:dc:d6:35:77:aa:39:a3:02:fb:a5:8d:bd:43:82:
70:1e:55:df:41:44:da:89:3f:03:8a:b2:7e:1d:53:29:00:ab:
92:e2:d3:c4:95:62:e7:41:79:30:4b:d2:f2:ce:46:23:00:64:
9a:87:ec:34:74:0e:4c:17:c3:fc:29:22:6e:1a:42:cf:b0:92:
7c:ba:77:66:1a:66:b7:4b:5f:31:f2:7f:f9:75:83:c7:b2:f1:
ed:92:b2:de:6f:10:6f:cf:78:be:62:08:1b:de:13:be:1a:f6:
e7:a1:0c:b6:25:c4:9c:6d:00:13:be:33:ef:9a:b3:c8:be:b7:
10:e4:2e:0a:1a:2e:80:4c:b5:9b:53:3b:55:db:0e:59:79:09:
8b:39:f8:f2:5b:a5:5f:9d:43:b0:3f:42:32:cf:c1:21:73:0b:
ea:8e:3c:8f:de:17:bd:58:7a:67:c5:19:f7:93:1e:f6:1e:9e:
6b:c7:0e:33:7a:53:5b:2c:c4:83:af:15:68:0c:ac:65:59:2a:
f2:fc:b6:ab:2c:d4:9f:4b:2f:f4:26:a2:aa:f8:bc:f6:d7:91:
fc:24:0c:c5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAuswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjU1N0IxMTAvBgNVBAUTKDI4NTNCREExNjM4QzU5OUE4NEMzMDk1MzEwRTY5QkZE
MjYwQUE5NzgwHhcNMjQwNjI4MTEwODEyWhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdlOTk5Yy1hYTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ZugbGGtd0xO8q6GGA1rZ2I5EczEAtOy/DgSw+an9WVqfm68KjDtY99/Ss2Q
83FrzDrom63iZNVwjWQfIs33xFuc5dNWwFEHuZW+H10+CAscNNvQ1wQtO+PGpnA0
m9TsHgTUCdxzFQ9S0Xqmu/FF7LvdDZrVVdXnHDbLG/TPI01AD/PoZyzC8QRfz6yg
WSaS1mM6tf3b6bDT/nSnjOF8okn1k8dgIJ8a53P2Y+gKaBoO8V+OE8d5/Rw6k9Vq
rqbSwLGHV8OFNgXEQMSFxnjnSKqXL/nPIO00O7Wf8N6uiKjW9wzIv3yVsCx1vKSz
bSeOdUfUAW7iytPyrcxKYajjtwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFO9P1gcK
UyZNHCtMIc+OSpb894gYMB8GA1UdIwQYMBaAFChTvaFjjFmahMMJUxDmm/0mCql4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NTU3Qi84REE3MjY0MEMx
RkExMUVDQjMwRUUyMUFDNEY5QUUwMi9LRk85b1dPTVdacUV3d2xURU9hYl9TWUtx
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tGTzlvV09NV1pxRXd3bFRFT2FiX1NZS3FYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjU1N0IvOERBNzI2NDBDMUZBMTFFQ0IzMEVFMjFBQzRGOUFFMDIvMTZDNDUyNzQy
Qzg3MTFFRkI3RThGRTcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr/3UDBABnMT0DBABn6xMwDQYJKoZIhvcNAQELBQADggEB
ALUREnQ9ClBeD+zrpmlSjwEzHL5oA7bn0CLSIqtlM4cPhKq5rt4bEHLc1jV3qjmj
Avuljb1DgnAeVd9BRNqJPwOKsn4dUykAq5Li08SVYudBeTBL0vLORiMAZJqH7DR0
DkwXw/wpIm4aQs+wkny6d2YaZrdLXzHyf/l1g8ey8e2Sst5vEG/PeL5iCBveE74a
9uehDLYlxJxtABO+M++as8i+txDkLgoaLoBMtZtTO1XbDll5CYs5+PJbpV+dQ7A/
QjLPwSFzC+qOPI/eF71YemfFGfeTHvYenmvHDjN6U1ssxIOvFWgMrGVZKvL8tqss
1J9LL/Qmoqr4vPbXkfwkDMU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:29 2025 by rpki-client